Idea: Efficient Evaluation of Access Control Constraints
نویسندگان
چکیده
Business requirements for modern enterprise systems usually comprise a variety of dynamic constraints, i. e., constraints that require a complex set of context information only available at runtime. Thus, the efficient evaluation of dynamic constraints, e. g., expressing separation of duties requirements, becomes an important factor for the overall performance of the access control enforcement. In distributed systems, e. g., based on the service-oriented architecture (SOA), the time for evaluating access control constraints depends significantly on the protocol between the central Policy Decision Point (PDP) and the distributed Policy Enforcement Points (PEPs). In this paper, we present a policy-driven approach for generating customized protocol for the communication between the PDP and the PEPs. We provide a detailed comparison of several approaches for querying context information during the evaluation of access control constraints.
منابع مشابه
Idea: Efficient Evaluation of Access Control Constraint
Business requirements for modern enterprise systems usually comprise a variety of dynamic constraints, i. e., constraints that require a complex set of context information only available at runtime. Thus, the efficient evaluation of dynamic constraints, e. g., expressing separation of duties requirements, becomes an important factor for the overall performance of the access control enforcement....
متن کاملAn Effective Modality Conflict Model for Identifying Applicable Policies During Policy Evaluation
Policy evaluation is a process to determine whether a request submitted by a user satisfies the access control policies defined by an organization. Modality conflict is one of the main issues in policy evaluation. Existing modality conflict detection approaches do not consider complex condition attributes such as spatial and temporal constraints. An effective authorization propagation rule is n...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملAn efficient method to control the amplitude of the limit cycle in satellite attitude control system
In this paper, an efficient method is presented to control the attitude of a satellite with ON-OFF actuator. The main objective of this novel method is to control the amplitude of the limit cycle which commonly appears in the steady state of such systems; and at the same time by consideration of real actuator constraints, reduce the fuel consumption of system. The Proposed method is a combinati...
متن کاملConstraints to Increasing Agricultural Production and Productivity among Women Farmers in Sub-Saharan Africa: Implications for Agricultural Transformation Agenda
Agriculture is an important engine of growth and poverty reduction in much of Africa, Nigeria inclusive. But the sector is underperforming in part because women, who are often crucial resource in agriculture and rural economy, face constraints that reduce their productivity. An understanding of these constraints is a prerequisite to devising policies to improve agricultural production and produ...
متن کامل